Input passed via the post title when performing a Quick Edit or
Bulk Edit action and via the post_status, comment_status,
and ping_status parameters is not properly sanitised before being used.
Certain input passed via tags in the tags meta-box is not properly sanitised
before being returned to the user.